Title :
An adaptive real-time intrusion detection system using sequences of system call
Author :
Lu, Kaining ; Chen, Zehua ; Jin, Zhigang ; Guo, Jichang
Author_Institution :
Sch. of Electron. Inf. Eng., Tianjin Univ., China
Abstract :
Intrusion detection is the process of monitoring computer networks and systems for violations of security policy. An IDS may be of the network (NIDS) or host (HIDS) type. Traditionally, NIDS is the only way of preventing an intrusion before it occurs, by analyzing data packages, but it has higher false rates. Although it has lower false rates, HIDS detects anomalous actions by auditing host system logs, which means the intrusion has taken place. In this paper, we present a collaborative IDS module that performs real-time detection and blocks intrusions before they occur, based on HIDS using anomaly detection over sequences of system calls.
Keywords :
computer networks; data analysis; real-time systems; telecommunication security; adaptive real-time intrusion detection system; anomalous detection; block intrusion; computer network monitoring; data package analysis; host intrusion detection system; host system log auditing; intrusion prevention; network intrusion detection system; real-time detection; security policy; system call sequence; system violation; Computer networks; Computer security; Computerized monitoring; Data analysis; Data security; Information security; Intrusion detection; Packaging; Protocols; Real time systems;
Conference_Title :
Electrical and Computer Engineering, 2003. IEEE CCECE 2003. Canadian Conference on
Print_ISBN :
0-7803-7781-8
DOI :
10.1109/CCECE.2003.1226013